This invention relates to information security for gaming machine networks. More particularly, the present invention relates to protecting gaming machine transaction information stored in a database from unauthorized alteration.
Gaming machines are becoming increasingly sophisticated. Many slot machines now employ CRT video display screens in place of more traditional mechanically-driven reel displays. Further, poker and other games of chance are now commonly provided on electronic/video machines.
To control and monitor gaming machine activity, many establishments employ networks electronically linking numerous gaming machines. Frequently casinos connect their gaming machines to a local area network. Some casinos have even connected multiple local area networks to wide area networks spanning multiple casinos. Such wide area networks allow groups of slot machines at various casinos to be connected to one another for various purposes including use in “progressive” games. Progressive games allow jackpots from multiple machines in multiple locations to grow as one large jackpot.
Transaction currency on gaming machines is also becoming more sophisticated. Where once only coin handling mechanisms were present on gaming machines, credit devices such as cash-out vouchers now find wide use. These credit devices electronically store user transactions and, when used in conjunction with electronic processing systems, they monitor user activity. Some casinos now issue magnetic player identification cards that players use to obtain awards for frequent playing. A player holding such card inserts it in a card reader provided on a gaming machine before he or she begins play. Accounting software on the local area network then detects the card insertion, notes the player identity and follows the machine activity. Other casinos now issue bar-coded tickets. When a player terminates interaction on a gaming machine, the gaming machine prints out a ticket, which includes the player's final status such as the time and a cash-out value. The player then retrieves the ticket and may redeem it for credit at another game or cash it out at a change booth or a pay machine.
As mentioned, gaming transactions are now electronically stored, typically by the gaming machine network. Thus, each time a user completes a transaction on a gaming machine, the network stores the transaction information such as the time, the machine number and credit value of the device at transaction completion. When the user attempts to play another game with the credit device, the network must redeem the value of the device, e.g., for game credit. Similarly, when the user attempts redeem the device for a cash-out, the network must provide the cash value of the device. Upon redemption of the device at a gaming machine or at cash-out, the redemption value of the device is determined according to the user's last stored transaction in the network.
Transaction information for the network is typically stored in a common location or database for consistent access by the gaming machines and casino personnel. Some casinos use conventional database management tools to store the transaction information. These database management tools generally permit open access for individuals on the network, e.g., casino personnel. Unfortunately, this open access to the database also potentially allows authorized, and even in some cases unauthorized, individuals to tamper with the transaction information. In one example, an unscrupulous person could alter the transaction amount in a database record from $10 to $100.
From the foregoing, it should be apparent there exists a need for security measures that prevent tampering of transaction information stored in a database of a gaming network.